Sr. SAP Security Analyst/Audit Analyst Resume
NJ
SUMMARY:
- 14 years of SAP experience with over 12 years of SAP Security Administration expertise.
- Experienced Consultant with extensive experience in SAP R/3 Security and Sarbanes Oxley Compliance
- SAP R/3 Security (ECC 6.0, 4.7, 4.6C, 4.6B, 3.0D, 3.1H, 3.1I)
- Profile Generator (PFCG), Role, Profile creation, modifications, User Administration, Central User Administration (CUA), Authorization objects, User reconciliation, CATT Scripts
- Expertise in BW/BI security (7.2, 3.5, 3.0B, 2.0B, 2.1C)
- BW Administration workbench - BW Info cubes, Info objects, Hierarchy, Variables, Update and transfer rules, Info Areas, Info object catalog, ODS (Operational Data Store) Workbook and design roles.
- Security Administration & Compliance in HCM, EHS, MM, PP, PM, MRP, SD, FI/CO, BW & HR
- EPM (BW, BPC), APO, SRM, Sarbanes-Oxley Compliance, Segregation of Duties (SOD) within SAP implementation, VIRSA Compliance Suite (Compliance Calibrator/VRAT, Role Expert, Firefighter, etc.) & Approva BizRights.
- Involved in Complete SAP R/3 project lifecycle from Design phase to Post-implementation phase, Upgrade & Support of several ERP implementations involving multiple modules, from system design stage to a “Go Live” stage
- Experience with Structural Authorizations of HR module.
- Experience in implementing and configuring Central User Administration (CUA).
- Knowledge of Information Security Standards like ISO 27001, COBIT 5, COSO, NIST CSF, CIS, ITGC, PCI DSS Control Frameworks.
- Working knowledge of Blue Prism, UiPath Studio and Automation Anywhere Robotic Process Automation Tools.
- Testing security with all queries, BW security, Transporting objects, queries, roles using transport connection, APO security, SDLC.
- Certified in SAP GRC AC 10.0 and involved in multiple implementations and configuration.
- Experience in Networking tools like VPN, Firewall, Endpoint Protection, DLP, Intrusion Prevention etc.
- Worked with business users and implementing partner SAP on GRC config and implementation.
- Experience with SAP Portals (EP 5.0 & 6.0), Single Sign-On (SSO), iViews, ESS, MSS and Business Warehouse (BW) Administration
- Installation, configuration, monitoring, backup/recovery, patch management & upgrades as Basis Administrator
- Sarbanes-Oxley Express solutions for Sec 302 & 404 compliance management
- Proven ability to adapt quickly and work in teams, with a can-do ability to take charge when necessary and drive the work to completion
- Excellent communication skills, strong analytical and interpersonal skills
TECHNICAL SKILLS:
ERP: ECC 6.0, SAP R/3 Enterprise 4.7/4.6C, BI 3.5/7.0, SCM 4.1/7.0 & EP 7.0
Databases: Sybase, Oracle, MS-SQL, MS Excel & Access
Scripting: TSL, SQA Basic, 4Test, VBScript, JavaScript, Perl & CATT
Operating System & HW: Windows 2000/NT/XP/Win7, UNIX, Linux, DOS, Compaq Proliant, Sun E10000, HP 9000/Superdome, HP NetServer, Alpha, IBM NetFinity, DEC VAX
Security Audit Tools: GRC 10, GRC 4.0, v5.3, VIRSA Compliance Suite, Approva BizRights, CSI Authorization Auditor, Sarbanes-Oxley Express
Testing Tools: HP Quality Center 11.0, Remedy, HP Service Manager, HP Service Center
PROFESSIONAL EXPERIENCE:
Confidential, NJ
Sr. SAP Security Analyst/Audit analyst
Responsibilities:
- Involved in all aspects of SAP Security including Role Changes, Processing Access Forms, Running SOD Analysis before providing access to the end user.
- Processed Lotus Notes forms for SAP ERP, ISU, CRM, BI and BOBJ.
- Created new Change Management processes for deleting roles in Production environment.
- Attended weekly Change management meetings to review the changes approved for Production Migration. Followed up with Basis team to make sure Changes went into Production without any issues.
- Experience with Application Risk Assessments and reporting.
- Involved in Internal auditing of SAP Access company wide.
- Knowledge of Risk and Control Considerations within Robotic Process Automation Implementations.
- Implemented Blue Prism User authentication by defining user roles, creating users and setting password policies.
- Collaborated with test teams during product test and UAT phases to check the vulnerabilities of the Product before implementing it.
- Worked with the business team, Internal Controls team, SOX Controls team, ERP, CRM applications teams to Create Controls for automated business transactions.
- Experience in Optimizing Financial Master data controls and enabling continuous monitoring through SAP Process Control to get real-time alerts for fraud and non-compliance.
- Worked with SOX Controls team in defining new financial controls for keeping SAP Financial processes Compliant.
- Analyze existing SAP Configuration to determine any control gaps and improve the Controls.
- Remediated the roles based on Internal audit findings.
- Worked on SOX Controls for User Provisioning and deprovisioning and User recertification of SAP Systems on a Quarterly Basis.
- Extracted reports for Internal and External Auditors from SAP System.
- Getting Mitigation Approvals from the Risk Owners and Mitigating end users.
- Involved in BW HANA upgrade and created named users and assigned Standard roles like Modeling, Monitoring, Public and Content Admin and Support.
- Deactivated the users who are terminated in the HANA system and Reactivated the Users if the Users are locked due to password expiry and multiple invalid login attempts.
- Used SQL Commands to Create Users, roles, assign roles, change user password, activate and deactivate users.
- Assigned SQL, Analytical, System and Package Privileges to the Roles and assigned the roles to the Users.
- Creating Test Scripts and providing access to the Functional Team in the Test Environment for testing Role Changes, Addition/Removal of Transactions.
- Development of new roles based on the business requirements and transporting across to PRD system after successful testing in Quality System.
- Monitoring SAP Security Inbox for any security related issues and resolving them.
- Creating PTR for any Production related moves which should have Test Script and approvals needed to move changes to Production Systems.
- Created Enterprise development Manager (EDM) requests and Production Change requests (PCR) for Role changes and Production move requests.
- Involved in GRC upgrade from 5.3 to 10.1.
- Involved in testing of GRC 10.1 implementation for ARA and EAM Emergency Access Management modules.
- Assigned Firefighter IDs to the Users based on the Request.
- Reviewed the Logs of Firefighter IDs on a daily basis.
- Used Automated LSMW scripts in setting up the new hires in the Training environment.
- BP Creation in CRMB system. Assigning Business roles to all the users.
- Monitored IBM Remedy and HP Service Manager tools for Incidents assigned to SAP Security team and resolved all the incidents.
- Created KB Articles for helpdesk for recurring known issues.
- Cleaning up of roles with sensitive information based on the Audit review.
- Disabled S_TABU_DIS with no authorization group and restricted the tables using S_TABU_NAM object.
- Monitoring the scheduled Daily SOD Analysis reports and resolving the conflicts if they come up and sending the clean SOD analysis report to management.
- Used Virsa Compliance Calibrator 4.0 for running the SOD Analysis and Mitigating the risks of users and Composite Roles.
Sr. SAP Security Consultant
Responsibilities:
- Involved in all aspects of SAP security for Phase I which included ECC, BI, BOBJ 4.0, BPC, CRM, SRM, SUS, PI, CPS, OpenText.
- Used HPQC tool for defect management and also Solution Manager for Incident Management.
- Worked with functional teams FI, Logistics, IM, CRM and SRM for role building and updates and changes to the roles and transported them.
- Worked with LSMW tool extensively and built 1000s of agency roles derived from Master role. Updated Org. values using LSMW script for all the child roles.
- Good knowledge of security design and development of security roles and also SU24.
- Worked with SAP and the client in implementing GRC AC 10.0 and acted as an advisor.
- Experience of GRC AC 10 implementation and configuration and used EAM to create firefighter IDs and checking out to users for emergency access to make changes in Production.
- Reviewed the logs of central firefighter sessions as Firefighter Controller.
- Involved in creating IDM Business role matrix for Phase I and Phase II roles. Used IDM to assign privileges and business roles to users.
- Used SUIM to get reports of changes made to user access, roles, Auth. Objects, Transactions etc.
- Built HCM roles based on specifications for Phase II go live and involved in testing.
- Worked with HCM functional team and management to build OM, PA, Payroll, Time Management, Training, ECM, Travel Admin, Benefits, Learning Solutions, Reporting, ESS and MSS roles.
- Created test users for testing changes made to roles and once the testing is successful roles are moved to Production systems.
- Created BI Analysis Authorizations using RSECADMIN and built new roles.
- Knowledge of SAP IDM 7.2 and used extensively on a daily basis to assign business roles and privileges and approvals. Updated Context and Mandatory context to agency and sub agencies for the State.
Sr. SAP Systems Analyst
Responsibilities:
- Involved in GRC 10.0 end to end implementation
- Configured all the four components ARA, ARM, BRM and EAM after the implementation.
- Involved in post installation and GRC Configuration activities.
- Performed Risk analysis for roles and user level.
- Involved in mitigating SOX Controls and mitigating users and roles.
- Experience in Continuous Controls monitoring setup and execution in Reports Work Center.
- Created roles through BRM component and performed risk analysis through BRM component
- Created, modified, locked users through ARM component and performed risk analysis
- Created BRF+ Rule IDs and worked on standard MSMP Process IDs.
- Configured EAM and created FF IDs and assigned FF IDs to the users based on the request and getting approval from the Manager.
- Extracted the FF log reports and sent to controllers.
- Performed Role Sync, User Sync and FF Log Sync successfully.
- Created RFC connection between GRC and Backend systems.
- Involved in conducting training sessions of GRC AC 10 for end users.
- Followed SAP best practices in GRC configuration and trained the end users on day to day activities and usage of GRC tool.
- Involved in all aspects of SAP security from setting up naming conventions for roles, profiles, and test ids, while working closely with various functional teams to collect role requirements.
- Worked on Central User Administration for single point of control to user master and profiles which involves setting ALE environment for CUA.
- Worked on Authorization objects, Activities/values/authorization groups, Roles, Role derivations, Activity groups, Composite Activity groups and User id assignments.
- Analyzed roles and mapped them to transaction codes according to business process.
- Created and generated profiles, authorization objects, object classes, roles and assigned to user master record.
- Used Transport Management System (TMS) for Transporting the generated roles and profiles.
- Extensively used the following transactions on daily basis - SU01, PFCG, SU53, SU24, SM59, SUIM, RSSM (for BW) and ST01 for providing technical support to users.
- Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
- Configured Profile Generator and performed transports and mass transports of roles and used CATT scripts for mass users and assigning roles.
- Performed reconciliation of User Master record & roles using PFUD and SUPC.
- Worked with process experts for SOD conflicts and assigned appropriate roles to the users. Also, supported audit team for generating audit reports.
Sr. SAP Security Consultant
Responsibilities:
- Provided SAP Security Support for large SAP Retail Category Management Implementation.
- Responsible for all security development, configuration, design and support of all SAP landscapes, R/3 (ECC Enterprise 2007), SAP Netweaver 2007 Portal, BI, SCM, XI, Solution Manager, HR, CUA.
- Spearheaded and successfully implemented ongoing SAP SOX Compliant Security Solutions designed to balance support of production processes, and governance and audit requirements, resulting in improved processes and procedures.
- Security support for all implementation project team members in all landscapes, including troubleshooting, analysis, and speedy solution of all technical errors related to security.
- Developed and implemented improved policies and procedures, implementing Best Practices solutions for SAP Security change management controls, to support SOX compliance standards requesting changes, testing and transporting SAP Security roles to production environment.
- Designed business application authorization profiles for production roles, setup Role test scenarios, trained business analysts responsible for supporting business users in security testing procedures to ensure business users are granted proper authorizations and do not suffer unnecessary security interruptions post go live.
- Assisted SAP Security Administrator in production support tasks as needed. Wrote eCatt (SECATT) Scripts for mass role creation, changes, mass user creation, and change tasks. Provided post Go Live support.
Security Consultant
My Responsibilities Include:
- As a security consultant worked with functional teams in restricting access to both Project/End users through roles specifically designed for Project/End users.
- Performed user maintenance tasks: User creation, deletion, lock down, activation, password management tasks and ran various user administration reports.
- Mass update of users with roles, passwords, parameters etc. using MS Excel.
- Worked on tickets in IMS system like User Creation, Authorization issues, troubleshooting access to transactions using Authorization fix tool and SU53.
- Security Administration across FI, CO, CS, PS, SL, MM, WM, QM, PP, PLM, HR, IP, SCM (APO), 1st level Support, Data Validation, Data Migration, Developers, Consultant and others.
- Handling Security issues during IGLS Period - (Intensive Go-Live Support), assigning Data Validation and Data Migration roles to specific users.
- For after go live support, assigning special authorizations to selected Spiridon rollout project team members. This will be valid only for a period of the IGLS.
- Checking the RSUSR006 report for unauthorized log-ons and to see if a user is making several unsuccessful logon attempts to the Spiridon System. This report is scheduled and evaluated regularly.
- Support during Wave V cutover period, assigning roles to select Project team members as there will be uploads of data to the live/productive system involved.
- Executing ABAP report RSUSR003 to check if there are any security gaps with regards to SAP standard users like ‘SAP*’. These checks are done in productive client periodically.
- Audit information system (SECR) transaction is used to check for Unused user IDs. These user IDs will be locked after a period not to exceed three months. These checks are done in productive client periodically.
Environment: SAP R/3 4.6C, ECC 6.0 AUA Tool, CUA, IMS - (Issue Management System), BW 3.5, Approva BizRights, MS Excel, Windows XP, Linux, Oracle 9.2.0.7, 10.2.0.2.
Confidential, Akron, OH
Sr. Security Analyst
Responsibilities:
- Redesigned security roles to be process stream oriented, and compliant based on SOX
- Managed change control process to move transports to production
- Worked on SOD audit issues for SOX Compliance and for SOD access removal extensively using VIRSA Tools for Compliance. Experienced in CISSP and HIPAA principles.
- Worked simultaneously on SOX Compliance and maintenance of R/3 security on release 4.5b as part of the core SAP security team.
- Worked closely with SAP Business Design specialists in order to implement the suitable remediation process transparent to the users.
- Worked with the Audit team and the monitoring team and coordinated information among all the SAP Core teams
- Configured Compliance Calibrator, used Rule Architect, developed rules and transported the rule matrices across the landscape
- Worked with Firefighter to monitor and log transaction usage and emergency access assignment
- Defined mitigation controls using Compliance Calibrator.
- Worked with Business specialists to create roles and resolve conflicts for SOD compliance.
- Developed and implemented mitigation controls, mitigate users against risks and enhanced security through analysis of tcode and role assignments to users.
- Managed user assignments to comply with SOD.
- Transported profiles between clients within an R/3 system and between R/3 systems
- Planned and performed structural authorizations.
- Worked on streamlining and reclassification of user groups for easier addressing of issues and user administration.
- Cleaned up roles and profiles that were obsolete.
- Involved in knowledge transfer to peers and new recruits.
- Responsible for architecting and configuring Netweaver security
- Configured HTTP, HTTPS and LDAP in order to integrate Netweaver with the R/3 4.7 Enterprise implementation
Associate R/3 Basis Administrator
Responsibilities:
- Performed daily systems maintenance and management of the SAP systems.
- Fixed problems and reported complex issues to Basis Administrators.
- Upgraded the Kernel.
- Monitored/tuned SAP, Oracle and UNIX systems as needed.
- Troubleshot problems and worked with Basis Administrators to fix complex problems.
- Reorganized SAP tables using SAPDBA.
- Applied SAP best practices and support packages.
- Created activity groups for development environment.